Supports the progress of MDM services through increased functionality and visibility of cloud security

Overview

SoftBank Telecom is one of the core companies of the SoftBank Group, and is involved in the provision of voice and transmission services as well as setting up Internet environments for corporate clients. The company is also expanding its other services including fixed-line telephones, a “white cloud” cloud service, a network and VPN service, and a service that fuses the white cloud with mobile communication.

Challenges

“Security is the most important thing when it comes to getting customers to use cloud services with peace of mind. That’s why we started enhancing cloud security before anything else and really focused on ensuring transparency in our measures.” says Shigeyuki Morimoto, who is in charge of platform development for SoftBank Telecom’s MDM service “Business Concierge Device Management."

Business Concierge Device Management is an industry-leading cloud-based MDM service and was launched in May 2011 to capitalize on the explosive growth of smartphones and tablets and their penetration into businesses. The number of users of the service quickly increased, and only three years after the start of the service there are 4,000 companies with operating contracts and 550,000 user IDs have been issued. Furthermore, along with the rapid increase in users, the service’s managed server environment is being rapidly enhanced.

Business Concierge Device Management has also been adopted by companies and organizations that have very strict information security requirements, such as financial institutions. The service meets the strict requirements of such customers using a policy of prioritizing security, the service platform. In addition, Mr. Morimoto highlights the “transparency of security measures” that lead to peace of mind for the customer. “In conventional cloud services you can’t see what technology is used to ensure the integrity of a platform, and this causes concern for customers. To alleviate this concern, we decided to disclose our security measures and adopted a policy that would gain the trust of our customers,” says Mr. Morimoto.

“Trend Micro Deep Security™ helps the service by fulfilling the role of an important function that supports a cloud with robust security and transparency.”

“The key to cloud service is the server security, and the only tool we could find to enhance the server security was Deep Security.”

Shigeyuki MorimotoSoftBank Telecom Corp.

Solution

It goes without saying that in order to gain trust through the transparency of security measures, it is a non-negotiable condition that the measures themselves and the security products and technology used must be viable and highly trustworthy. In other words, it is absolutely essential to employ security tools that are suitable for the defense of servers in a cloud or a virtual environment. To meet this goal, the provider of any products or technology must be well known as a security solution provider and have a proven track record.

With “name” and “track record” in mind, Mr. Morimoto searched for a solution to enhance the security of the Business Concierge Device Management platform. As a result, he came across Deep Security and quickly decided that this was what he was looking for.

“I made the decision to use Deep Security almost on the spot. As soon as I knew about it, I realized that there was nothing that could compete. I was so impressed with it that I went directly to the top people at Trend Micro to implore them to keep putting effort into continuously improving Deep Security,” says Mr. Morimoto looking back.

Currently, a Deep Security Agent is installed in all management server environments (including guest operating systems and host operating systems in virtual environment) that run the Business Concierge Device Management service. In addition, measures have been taken to deal with server vulnerabilities or anti-virus measures through intrusion protection functions of IDS/IPS.
Toru Shimizu was responsible for Deep Security implementation and design at Softbank Telecom.

“One of the things I noticed when I actually got hands-on experience with Deep Security was its usability. The functions required for server protection are provided comprehensively as software, so network settings and other functions were simple to perform during IDS/IPS implementation. When you add a server all you have to do is install the Deep Security Agent and register it in the management environment,” says Mr. Shimizu.

“Thanks to the virtual patch function of Deep Security, we have been able to keep responding to vulnerabilities very swiftly; it has really helped.”

Toru Shimizu
SoftBank Telecom Corp.

Results

As can be seen from the comments above, Mr. Morimoto and Mr. Shimizu have a very high opinion of Deep Security. Mr. Shimizu spoke particularly highly of the “virtual patch” function to deal with vulnerabilities, saying “it really helped.” This function uses a vulnerability rule (or virtual patch) to detect and block packets attacking a server’s vulnerabilities.This type of virtual patching swiftly protects the server from a zero-day attack against its vulnerabilities.

“In 2014 alone many serious vulnerabilities were reported, and attacks against vulnerabilities have started to come quicker and quicker. Under these circumstances, the ability to rapidly protect a server with a virtual patch before an official one is released is a great benefit for a company like us that has many servers and wants to avoid service outages as far as possible,” Mr. Shimizu continues.

“Trend Micro takes quick action against vulnerabilities, and this has given us an extra advantage in terms of speeding our protection against vulnerabilities.”

Mr. Morimoto, on the other hand, is aiming to further evolve the company’s security measures on the basis of Trend Micro solutions, including Deep Security. His goal is to increase the ability to deal with unknown threats and take proactive action against threats.

“Ideally I want to eliminate all risks before anything happens, and to do this we have to enhance our ability to swiftly detect threats and isolate them. I believe we can gain this ability by improving our capability to identify the signs of a threat from sources such as log information,” says Mr. Morimoto. He wraps up by saying “Of course, it is essential for this kind of initiative to have the cooperation of a security vendor who is skilled in collecting and analyzing large volumes of logs on a daily basis and identifying the signs and patterns of threats. I hope to continue working with Trend Micro to enhance and develop our security measures.”

“Trend Micro takes quick action against vulnerabilities, and this has given us an extra advantage in terms of speeding our protection.”